<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>jsonp</title>
</head>
<body>
<script>
    function jsonp({url,params,cb}) {
        return new Promise((resolve,reject)=>{
            window[cb]=function (data) {
                resolve(data);
                document.body.removeChild(script)
            };
            params={...params,cb};
            let arr=[];
            for(let key in params){
                arr.push(`${key}=${params[key]}`)
            }
            let script=document.createElement('script');
            script.src=`${url}?${arr.join('&')}`;
            document.body.appendChild(script);
        })
    }
    //只能发get 不支持post put delete 不安全
    //不安全 xss攻击
    jsonp({
        url:'http://localhost:1234/say',
        params:{wd:'i love you '},
        cb:'show'
    }).then(data=>{
        console.log(data);
    })
</script>
</body>
</html>